No training plan is in place for the company you chose, and many members of the upper management argue that there is no need to have one. However, your supervisor has asked you to research the compliance and/or audit standards that your organization must adhere to maintain these requirements and then write a proposal to address the training needed for the company.
You are required to write a three to five (3-5) page proposal in which you recommend the need for security awareness training. In your proposal, be sure to:
Identify compliance or audit standards that your organization must adhere to.
Identify security awareness requirements for those standards.
Identify training methods to meet those requirements (In house, contract or CBT).
You should assume that your company will have to accept credit cards as payments.
You should assume that no current awareness/training plans exist for your company.
You should assume that all offices and groups need training.